CVE-2025-1093 AIHub <= 1.3.7 - Unauthenticated Arbitrary File Upload in generate_image

The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the generateimage function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which m...

@convergence/jointjs-utils (=0.4.0), aihub (>=1.0.1 <=1.0.2) +7 more potentially affected by CVE-2020-28479 via jointjs (>=3.1.0 <=3.2.0)

jointjs NPM version =3.1.0, =1.0.1, =1.0.6, =1.0.1, =1.0.1, =0.9.0, =0.10.1 - ublatt =1.2.0 - vue-erd =0.1.1 - vue-test-demo-one =0.1.0 Source cves: CVE-2020-28479 Source advisory: SNYK:JS-JOINTJS-1062038...